feat(account invitation): accept the invitation by the current user (#25

) * feat(account invitation): accept the invitation by the current user * feat(account invitation): update tests * feat(account invitation): update according to the comments * feat(account invitation): update the rubocop configuration * feat(account invitation): rework based on the comments * feat(account invitation): add the frozen string literal * feat(account invitation): revert some decisions * feat(account invitation): change tests
widefix · Aug 25, 2023 · ec6f1c5 · ec6f1c5
1 parent 3c21849
commit ec6f1c5
Show file tree

Hide file tree

Showing 12 changed files with 94 additions and 7 deletions.
diff --git a/.rubocop.yml b/.rubocop.yml
@@ -3,3 +3,7 @@ inherit_from: .rubocop_todo.yml
 AllCops:
   TargetRubyVersion: 2.7
   NewCops: enable
+
+Style/Documentation:
+  Description: Document classes and non-namespace modules.
+  Enabled: false
diff --git a/app/controllers/accept_account_invitations_controller.rb b/app/controllers/accept_account_invitations_controller.rb
@@ -0,0 +1,18 @@
+# frozen_string_literal: true
+
+class AcceptAccountInvitationsController < ApplicationController
+  before_action :authenticate_user!
+
+  def show; end
+
+  def update
+    received_invitation.update!(accepted_at: Time.current)
+    redirect_to account_path(received_invitation.account_id)
+  end
+
+  private
+
+  helper_method memoize def received_invitation
+    AccountInvitation.unaccepted.for(current_user).find_by!(token: ps.fetch(:token))
+  end
+end
diff --git a/app/controllers/account_invitations_controller.rb b/app/controllers/account_invitations_controller.rb
@@ -6,7 +6,10 @@ def index; end
   def new; end
 
   def create
-    AccountInvitation.create!(user_id: current_user.id, account_id: account.id, **account_invitation_params)
+    AccountInvitation.create!(user_id: current_user.id,
+                              account_id: account.id,
+                              token: SecureRandom.urlsafe_base64(32),
+                              **account_invitation_params)
     redirect_to account_invitations_path account
   end
 

diff --git a/app/controllers/my_accounts_controller.rb b/app/controllers/my_accounts_controller.rb
@@ -1,8 +1,7 @@
 class MyAccountsController < ApplicationController
   before_action :authenticate_user!
 
-  def show
-  end
+  def show; end
 
   private
 

diff --git a/app/models/account_invitation.rb b/app/models/account_invitation.rb
@@ -1,4 +1,7 @@
 class AccountInvitation < ApplicationRecord
   belongs_to :user
   belongs_to :account
+
+  scope :for, ->(user) { where(email: user.email) }
+  scope :unaccepted, -> { where(accepted_at: nil) }
 end
diff --git a/app/views/accept_account_invitations/show.html.slim b/app/views/accept_account_invitations/show.html.slim
@@ -0,0 +1,13 @@
+div.columns.is-centered.is-vcentered
+  div.column.is-two-third
+    h4.subtitle.has-text-centered
+      | Dear #{received_invitation.name}
+    h6.subtitle.has-text-centered
+      | I am delighted to invite you to manage the account
+    br
+    br
+    div.buttons.is-centered
+      = link_to 'Accept', accept_account_invitation_path, method: :patch, class: 'button is-success is-medium'
+      span.has-text-grey-light
+
+      = link_to 'Cancel', root_path, class: 'button is-light is-medium'
diff --git a/app/views/account_invitations/_account_invitation.html.slim b/app/views/account_invitations/_account_invitation.html.slim
@@ -3,4 +3,5 @@ tr
   td= account_invitation.email
   td= account_invitation.created_at.to_formatted_s(:short)
   td= account_invitation.accepted_at&.to_formatted_s(:short)
+  td= link_to 'link', accept_account_invitation_url(token: account_invitation.token)
   td= link_to :delete, account_invitation_path(account, account_invitation), method: :delete, data: {confirm: 'Delete this invitation?'}
diff --git a/app/views/account_invitations/index.html.slim b/app/views/account_invitations/index.html.slim
@@ -16,5 +16,6 @@ h2.title
               th Email
               th Created
               th Accepted
+              th Link
               th Actions
           = render partial: 'account_invitation', collection: account.account_invitations.order(created_at: :desc)
diff --git a/config/routes.rb b/config/routes.rb
@@ -12,6 +12,8 @@
     resources :objectives, only: %i[new create]
     resources :invitations, only: %i[index new create destroy], controller: 'account_invitations'
   end
+
+  resources :accept_account_invitations, param: :token, only: %i[show update]
   resources :transactions, only: [:destroy]
   resources :objectives, only: [:destroy]
 end
diff --git a/spec/controllers/accept_account_invitations_spec.rb b/spec/controllers/accept_account_invitations_spec.rb
@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe AcceptAccountInvitationsController, type: :controller do
+  describe '#show' do
+    let(:account) { create(:account, :parent) }
+    let(:user) { create(:user, account: account) }
+    let(:second_user) { create(:user, account: account) }
+
+    let!(:account_invitation) { create(:account_invitation, user: user, account: account, email: second_user.email) }
+
+    subject do
+      get :show, params: { token: account_invitation.token }
+    end
+
+    before { sign_in second_user }
+
+    it { is_expected.to have_http_status(:success) }
+    it { is_expected.to render_template(:show) }
+  end
+
+  describe '#update' do
+    let(:account) { create(:account, :parent) }
+    let(:user) { create(:user, account: account) }
+    let(:second_user) { create(:user, account: account) }
+
+    let!(:account_invitation) { create(:account_invitation, user: user, account: account, email: second_user.email) }
+
+    subject do
+      patch :update, params: { token: account_invitation.token }
+    end
+
+    before { sign_in second_user }
+
+    it 'set the taime' do
+      subject
+      expect(AccountInvitation.find(account_invitation.id).accepted_at).not_to be_nil
+    end
+    it { is_expected.to have_http_status(302) }
+    it { is_expected.to redirect_to(account_path(account_invitation.account_id)) }
+  end
+end
diff --git a/spec/controllers/account_invitations_spec.rb b/spec/controllers/account_invitations_spec.rb
@@ -33,7 +33,7 @@
       post :create, params: { account_invitation: {
         name: FFaker::Name.first_name,
         email: FFaker::Internet.email,
-        token: FFaker::Lorem.sentence
+        token: SecureRandom.urlsafe_base64(32)
       }, account_id: account.id }
     end
 
@@ -48,8 +48,8 @@
   describe '#destroy' do
     let(:account) { create(:account, :parent) }
     let(:user) { create(:user, account: account) }
-
-    let!(:account_invitation) { create(:account_invitation, user: user, account: account) }
+    let(:second_user) { create(:user) }
+    let!(:account_invitation) { create(:account_invitation, user: user, account: account, email: second_user.email) }
 
     subject { delete :destroy, params: { account_id: account.id, id: account_invitation } }
     before { sign_in user }

diff --git a/spec/factories/account_invitations.rb b/spec/factories/account_invitations.rb
@@ -3,7 +3,7 @@
     association :user, factory: :user
     name { FFaker::Name.first_name }
     email { FFaker::Internet.email }
-    token { FFaker::Lorem.phrase }
+    token { SecureRandom.urlsafe_base64(32) }
     association :account, factory: %i[account parent]
   end
 end